# Rules used in the test suite. This allows us to change the # main ruleset without breaking the test suite. # <@LICENSE> # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to you under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at: # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # copied from 10_default_prefs.cf clear_report_template report Spam detection software, running on the system "_HOSTNAME_", has report identified this incoming email as possible spam. The original message report has been attached to this so you can view it (if it isn't spam) or label report similar future email. If you have any questions, see report _CONTACTADDRESS_ for details. report report Content preview: _PREVIEW_ report report Content analysis details: (_SCORE_ points, _REQD_ required) report report " pts rule name description" report ---- ---------------------- -------------------------------------------------- report _SUMMARY_ report_contact @@CONTACT_ADDRESS@@ clear_unsafe_report_template unsafe_report The original message was not completely plain text, and may be unsafe to unsafe_report open with some email clients; in particular, it may contain a virus, unsafe_report or confirm that your address can receive spam. If you wish to view unsafe_report it, it may be safer to save it to a file and open it with an editor. clear_headers add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ add_header spam Flag _YESNOCAPS_ add_header all Level _STARS(*)_ add_header all Status "_YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_" clear_originating_ip_headers originating_ip_headers X-Yahoo-Post-IP X-Originating-IP X-Apparently-From originating_ip_headers X-SenderIP required_score 5 ok_locales all ifplugin Mail::SpamAssassin::Plugin::TextCat ok_languages all endif # Mail::SpamAssassin::Plugin::TextCat ifplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold bayes_auto_learn_threshold_nonspam 0.1 bayes_auto_learn_threshold_spam 12.0 endif # Mail::SpamAssassin::Plugin::AutoLearnThreshold bayes_auto_learn 1 report_safe 1 header TEST_NOREALNAME From =~ /^["\s]*\?\s*$/ describe TEST_NOREALNAME From: does not include a real name score TEST_NOREALNAME 5 header TEST_ENDSNUMS From:addr =~ /\D\d{8,}\@/i describe TEST_ENDSNUMS From: ends in many numbers score TEST_ENDSNUMS 5 header TEST_FORGED_YAHOO_RCVD eval:check_for_forged_yahoo_received_headers() describe TEST_FORGED_YAHOO_RCVD 'From' yahoo.com does not match 'Received' headers score TEST_FORGED_YAHOO_RCVD 5 uri TEST_NORMAL_HTTP_TO_IP m{^https?://\d+\.\d+\.\d+\.\d+}i describe TEST_NORMAL_HTTP_TO_IP Uses a dotted-decimal IP address in URL score TEST_NORMAL_HTTP_TO_IP 5 body TEST_EXCUSE_12 /this (?:e?-?mail|message) (?:(?:has )?reached|was sent to) you in error/i describe TEST_EXCUSE_12 Nobody's perfect score TEST_EXCUSE_12 5 body TEST_EXCUSE_4 /To Be Removed,? Please/i describe TEST_EXCUSE_4 Claims you can be removed from the list score TEST_EXCUSE_4 5 header TEST_INVALID_DATE Date !~ /^\s*(?:(?i:Mon|Tue|Wed|Thu|Fri|Sat|Sun),\s+)?[0-3\s]?[0-9]\s+(?i:Jan|Feb|Ma[ry]|Apr|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+(?:[12][901])?[0-9]{2}\s+[0-2]?[0-9](?:\:[0-5][0-9]){1,2}\s+(?:[AP]M\s+)?(?:[+-][0-9]{4}|UT|[A-Z]{2,3}T)(?:\s+\(.*\))?\s*$/ [if-unset: Wed, 31 Jul 2002 16:41:57 +0200] describe TEST_INVALID_DATE Invalid Date: header (not RFC 2822) score TEST_INVALID_DATE 5 header TEST_MSGID_OUTLOOK_INVALID eval:check_outlook_message_id() describe TEST_MSGID_OUTLOOK_INVALID Message-Id is fake (in Outlook Express format) score TEST_MSGID_OUTLOOK_INVALID 5 header MISSING_HB_SEP eval:check_msg_parse_flags('missing_head_body_separator') describe MISSING_HB_SEP Missing blank line between message header and body tflags MISSING_HB_SEP userconf header X_MESSAGE_INFO exists:X-Message-Info describe X_MESSAGE_INFO Bulk email fingerprint (X-Message-Info) found header SORTED_RECIPS eval:sorted_recipients() describe SORTED_RECIPS Recipient list is sorted by address header SUSPICIOUS_RECIPS eval:similar_recipients('0.65','undef') describe SUSPICIOUS_RECIPS Similar addresses in recipient list body GTUBE /XJS\*C4JDBQADN1\.NSBN3\*2IDNEN\*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL\*C\.34X/ describe GTUBE Generic Test for Unsolicited Bulk Email score GTUBE 1000 tflags GTUBE userconf noautolearn body BAYES_99 eval:check_bayes('0.99', '1.00') tflags BAYES_99 learn describe BAYES_99 Bayes spam probability is 99 to 100% score BAYES_99 0 0 3.5 3.5 ifplugin Mail::SpamAssassin::Plugin::WLBLEval header USER_IN_WHITELIST eval:check_from_in_whitelist() tflags USER_IN_WHITELIST userconf nice noautolearn score USER_IN_WHITELIST -100.000 header USER_IN_DEF_WHITELIST eval:check_from_in_default_whitelist() tflags USER_IN_DEF_WHITELIST userconf nice noautolearn score USER_IN_DEF_WHITELIST -15.000 header USER_IN_WHITELIST_TO eval:check_to_in_whitelist() tflags USER_IN_WHITELIST_TO userconf nice noautolearn score USER_IN_WHITELIST_TO -6.000 header USER_IN_BLACKLIST eval:check_from_in_blacklist() tflags USER_IN_BLACKLIST userconf noautolearn score USER_IN_BLACKLIST 100.000 header USER_IN_BLACKLIST_TO eval:check_to_in_blacklist() tflags USER_IN_BLACKLIST_TO userconf noautolearn score USER_IN_BLACKLIST_TO 10.000 endif # Mail::SpamAssassin::Plugin::WLBLEval ifplugin Mail::SpamAssassin::Plugin::WhiteListSubject header SUBJECT_IN_WHITELIST eval:check_subject_in_whitelist() tflags SUBJECT_IN_WHITELIST userconf nice noautolearn header SUBJECT_IN_BLACKLIST eval:check_subject_in_blacklist() tflags SUBJECT_IN_BLACKLIST userconf noautolearn score SUBJECT_IN_BLACKLIST 100 score SUBJECT_IN_WHITELIST -100 endif # Mail::SpamAssassin::Plugin::WhiteListSubject header __HAS_MSGID MESSAGEID =~ /\S/ header __SANE_MSGID MESSAGEID =~ /^<[^<>\\ \t\n\r\x0b\x80-\xff]+\@[^<>\\ \t\n\r\x0b\x80-\xff]+>\s*$/m header __MSGID_COMMENT MESSAGEID =~ /\(.*\)/m meta INVALID_MSGID __HAS_MSGID && !(__SANE_MSGID || __MSGID_COMMENT) describe INVALID_MSGID Message-Id is not valid, according to RFC 2822 score INVALID_MSGID 2.999 2.603 2.489 1.900 header TEST_MSGID_SPAM_CAPS Message-ID =~ /^\s*